Incident Response Jobs in the UK excluding London

101 to 125 of 471 Incident Response Jobs in the UK excluding London

Cyber Detection Engineer

newport, midlands, united kingdom
Hybrid / WFH Options
AIRBUS Defence and Space Limited
our purpose. So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on … practices, TTPs (tactics, techniques, procedures), and threat actor profiles. Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. Rapid Response Enablement: Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident More ❯

Airbus - Cyber Detection Engineer

Newport-On-Tay, north east scotland, united kingdom
Hybrid / WFH Options
AIRBUS Defence and Space Limited
our purpose. So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on … practices, TTPs (tactics, techniques, procedures), and threat actor profiles. Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. Rapid Response Enablement: Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident More ❯

Cyber Detection Engineer

Newport-On-Tay, north east scotland, united kingdom
Hybrid / WFH Options
AIRBUS Defence and Space Limited
our purpose. So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on … practices, TTPs (tactics, techniques, procedures), and threat actor profiles. Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. Rapid Response Enablement: Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident More ❯

Cyber Detection Engineer

Newport, UK
Hybrid / WFH Options
AIRBUS Defence and Space Limited
our purpose. So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on … practices, TTPs (tactics, techniques, procedures), and threat actor profiles. Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. Rapid Response Enablement: Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident More ❯

Airbus - Cyber Detection Engineer

Newport, UK
Hybrid / WFH Options
AIRBUS Defence and Space Limited
our purpose. So what's your next change? Airbus Defense and Space is looking for a passionate and talented Cyber Security Detection & Automation Engineer to join our international Incident Response Team (CSIRT), in Newport, Portsmouth or Stevenage. A mission critical part for us in order to secure our world-class business. This is a technical, hands-on … practices, TTPs (tactics, techniques, procedures), and threat actor profiles. Ensure timely and accurate dissemination of threat data to internal stakeholders across the organization, including CISO-level reports. Rapid Response Enablement: Design and maintain workflows for the rapid delivery of intelligence to incident response and risk teams, enabling faster decision-making and containment. Support post-incident More ❯

Cyber Security Analyst - OT (Operational Technology)

Selby, North Yorkshire, Yorkshire, United Kingdom
Hybrid / WFH Options
Drax
efficacy and maintain OT security monitoring solutions deployed within the OT environment. Threat Analysis: Analysing and identifying potential cyber threats and vulnerabilities, assess their impact, and prioritize responses accordingly. Incident Response: Developing and implementing incident response plans for handling cyber incidents in OT environments, including containment, eradication, and recovery procedures. Vulnerability Management: Identifying and assessing vulnerabilities More ❯
Employment Type: Work From Home

Cyber Security Analyst - OT (Operational Technology)

York, North Yorkshire, UK
Hybrid / WFH Options
Drax
efficacy and maintain OT security monitoring solutions deployed within the OT environment. Threat Analysis: Analysing and identifying potential cyber threats and vulnerabilities, assess their impact, and prioritize responses accordingly. Incident Response: Developing and implementing incident response plans for handling cyber incidents in OT environments, including containment, eradication, and recovery procedures. Vulnerability Management: Identifying and assessing vulnerabilities More ❯

Information Security Assurance Specialist

Chandler's Ford, Eastleigh, Hampshire, England, United Kingdom
Hybrid / WFH Options
Ageas Insurance Limited
with internal policies, external regulations and industry good practice. (e.g., GDPR, ISO27001, CIS, ISF, NIST). Provide expert guidance on security best practices, threat modelling, and mitigation strategies. Support incident response and post-incident reviews from an architectural perspective. Skills and experience you need as Information Security Assurance Specialist: Strong understanding of all security principles and underlying More ❯
Employment Type: Full-Time
Salary: £33,200 - £41,500 per annum

IT Director

Basingstoke, Hampshire, United Kingdom
Hybrid / WFH Options
InstaVolt
Establish and enforce IT policies, standards, and procedures to ensure high availability, performance, and security. Lead a 24/7 support model for internal platforms and services, including service desk, incident management, access control, and remote support. Ensure high-quality internal service delivery through ITIL-aligned practices, KPIs, and SLAs. Drive automation and self-service capabilities for common support tasks … and technology partners to ensure cost-effective and reliable service delivery. Collaborate with InfoSec and Legal teams to ensure compliance with relevant regulations (e.g., ISO 27001, GDPR). Lead incident response and disaster recovery planning/testing for internal platforms and operational IT. Requirements Needed: Bachelor's degree in information technology, Computer Science, or related experience. 10+ years More ❯
Employment Type: Permanent
Salary: GBP Annual

Information Security Lead

London, South East, England, United Kingdom
Hybrid / WFH Options
Sanderson
on GDPR, UK Data Protection Act, and other relevant regulations. Partner with internal stakeholders across legal, compliance, IT, and operations to improve the organisation's security posture. Assist with incident response planning and investigations as needed. Provide training and awareness support to staff and leadership. Support internal and external audits, including FCA and ISO 27001 audits. Stay current More ❯
Employment Type: Contractor
Rate: Salary negotiable

Associate Director, Research and Computing Operations

Edinburgh, United Kingdom
Asklepios Biopharmaceutical Inc
audits Develop and maintain security compliance documentation Coordinate and respond to penetration testing activities Implement security recommendations and remediation plans Ensure infrastructure meets corporate security standards Participate in security incident response planning Business Continuity: Lead disaster recovery planning for scientific computing infrastructure Coordinate and execute DR testing Maintain DR documentation and procedures Develop and maintain business continuity plans … Technical: Infrastructure architecture and design Performance optimization Problem-solving and troubleshooting Security best practices Technical documentation Business & Management: Contract negotiation and management Budget planning and control Risk management Audit response and compliance Strategic planning Vendor management Cost-benefit analysis Interpersonal: Strong communication skills Stakeholder management Team collaboration Conflict resolution Customer service orientation Ability to bridge technical and scientific domains More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Assurance and Resilience Manager

Norwich, Norfolk, England, United Kingdom
Hybrid / WFH Options
Clarion
explain how this relates to the function's strategy and action plan and to Clarion's mission and vision and motivate people to achieve local business goals. Experienced with incident response, SIEM systems and threat detection tools, and with certification such as CISSP CISM. CISA or ISO27001, ISO27701 lead auditor, we'll look to you to maintain and More ❯
Employment Type: Full-Time
Salary: £61,698 - £84,776 per annum

Cyber Assurance and Resilience Manager

London, South East, England, United Kingdom
Hybrid / WFH Options
Clarion
explain how this relates to the function's strategy and action plan and to Clarion's mission and vision and motivate people to achieve local business goals. Experienced with incident response, SIEM systems and threat detection tools, and with certification such as CISSP CISM. CISA or ISO27001, ISO27701 lead auditor, we'll look to you to maintain and More ❯
Employment Type: Full-Time
Salary: £61,698 - £84,776 per annum

Cyber Assurance and Resilience Manager

Norwich, Norfolk, East Anglia, United Kingdom
Hybrid / WFH Options
Clarion Housing
explain how this relates to the function's strategy and action plan and to Clarion's mission and vision and motivate people to achieve local business goals. Experienced with incident response, SIEM systems and threat detection tools, and with certification such as CISSP CISM. CISA or ISO27001, ISO27701 lead auditor, we'll look to you to maintain and More ❯
Employment Type: Permanent, Work From Home
Salary: £80,000

Security Architect

Birmingham, Staffordshire, United Kingdom
Hybrid / WFH Options
Michael Page (UK)
ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, risk assessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks More ❯
Employment Type: Permanent
Salary: GBP Annual

Security Architect

Birmingham, West Midlands, West Midlands (County), United Kingdom
Hybrid / WFH Options
Michael Page
ways of working and can build trust across diverse teams and stakeholders Working knowledge of security architecture principles and best practices. Demonstrable experience in security architecture, risk assessment and incident response Experience & Technical Skills: Essential criteria: Experience in designing and implementing security solutions, preferably in a government or public sector environment. Working knowledge of security standards and frameworks More ❯
Employment Type: Permanent
Salary: £41055 - £44415/annum

Cyber Security Lead

Sussex, United Kingdom
Clearwater People Solutions
Lead to join their organization. The Information Security Officer & Cyber Security Lead will have knowledge of ISO27001 & Cyber Essentials as well as hands-on technical knowledge of SIEM and incident response. Key Responsibilities for the Information Security Officer & Cyber Security Serve as a subject matter expert for information security, advising stakeholders on risks, controls, and security best practices. Support More ❯
Employment Type: Permanent
Salary: GBP 60,000 - 70,000 Annual

Cyber Security Lead

Brighton, East Sussex, The City of Brighton and Hove, United Kingdom
Clearwater People Solutions
Lead to join their organization. The Information Security Officer & Cyber Security Lead will have knowledge of ISO27001 & Cyber Essentials as well as hands-on technical knowledge of SIEM and incident response. Key Responsibilities for the Information Security Officer & Cyber Security Serve as a subject matter expert for information security, advising stakeholders on risks, controls, and security best practices. Support More ❯
Employment Type: Permanent
Salary: £60000 - £70000/annum Plus Benefits

Cyber Incident Response Lead

Nottingham, Nottinghamshire, East Midlands, United Kingdom
Hybrid / WFH Options
Experian Ltd
CFC) you will respond, contain, escalate, investigate, and coordinate mitigation of security events relative to anomalies detected and escalated by the Cyber Fusion Centre (CFC) according to Experian's Incident Response Plan. This team member will join a new, growing team of specialized, advanced responders to support escalations of complex or prioritized matters from Experian's existing 24x7 … security monitoring and response functions responsible for responding to and analysing security incidents involving threats targeting Experian information assets. These threats may include phishing, malware, network attacks, suspicious activity. Also, you will involve working with end-users, partners, technical support teams, and management to ensure remediation and recovery from these threats. Use analytics & data collected from endpoints, environmental logging … schedule and expectation to participate in on-call schedule or work outside of normal work hours to manage cybersecurity incidents. You will report to the CFC Senior Director of Incident Management and Security Operations. Main Responsibilities include:- Conduct advanced incident response activities to investigate and contain complex and larger-scale cybersecurity matters (such as potential major severity More ❯
Employment Type: Permanent, Work From Home

OT Security Analyst

Scotland, United Kingdom
SR2 | Socially Responsible Recruitment | Certified B Corporation™
platforms that form part of UK national infrastructure. Role Overview This position will focus on monitoring, assessing, and strengthening OT cybersecurity posture. The successful candidate will contribute to detection, response, and prevention strategies across a diverse technology stack within a regulated environment. Key Responsibilities Monitor and manage OT security monitoring tools and technologies. Analyse threats, assess vulnerabilities, and prioritise … remediation efforts. Develop and execute incident response plans specific to OT systems. Identify and track vulnerabilities, working with internal teams for resolution. Support security assessments and coordinate OT-specific penetration testing. Assist in the development of OT-specific security policies and procedures. Ensure compliance with industry standards and regulatory frameworks, including IEC62443, NIS, CAF, OG86, and HSE. Apply … frameworks such as NIST, IEC62443, NIS Regulations, CAF, or SoGP. Understanding of threat intelligence, attack surfaces, and cyber kill chains relevant to OT. Proven experience in vulnerability management and incident response in OT contexts. Ability to manage stakeholder relationships and communicate technical risks effectively. A proactive approach to problem-solving and strong attention to detail. More ❯

L3 SOC Analyst - Consultancy

Manchester, United Kingdom
Hamilton Barnes Associates Limited
seasoned SOC professional looking to make a tangible impact. Apply now to join a team focused on protecting enterprise assets against evolving cyber threats. Key Responsibilities: Lead investigations and response efforts for high-severity security incidents. Conduct proactive threat hunting using Microsoft Sentinel and the Defender suite. Develop and fine-tune analytic rules, workbooks, and automation playbooks in Sentinel. … Perform deep-dive analysis of malware, phishing, and lateral movement techniques. Collaborate with engineering teams to optimise Microsoft security tool integrations. Maintain and enhance incident response procedures and documentation. Skills/Must have: Over 5 years of experience in cybersecurity, including a minimum of 2 years in a Level 3 SOC or equivalent role. Expert-level proficiency with … Identity, and Office 365. Strong knowledge of the MITRE ATT&CK framework, threat intelligence, and adversary TTPs. Solid understanding of Windows, Linux, and core network security principles. Skilled in incident response, digital forensics, and proactive threat hunting. Experience working with SOAR platforms and building automated workflows. Benefits: View to Extension Salary: Up to £575 Per Day More ❯
Employment Type: Permanent
Salary: GBP Annual

Cyber Security Analyst Microsoft Sentinel / SIEM

London, South East, England, United Kingdom
Salt Search
per week on-site and the remainder remote. You'll play a central role in monitoring, analysing, and improving the organisation's cyber security posture - particularly around SIEM and incident response, with a strong focus on Microsoft Sentinel. Key Responsibilities: Monitor security alerts and log data using Microsoft Sentinel and related SIEM tools Respond to security incidents, performing … experience in a cyber security analyst or SOC analyst role Strong hands-on knowledge of Microsoft Sentinel and broader SIEM technologies Solid understanding of threat detection, log analysis, and incident response workflows Experience working in a public sector or regulated environment is highly desirable Ability to clearly communicate security issues and provide actionable advice to stakeholders This is More ❯
Employment Type: Contractor
Rate: £400 per day

Senior Cyber Security Engineer

Aldershot, Hampshire, South East, United Kingdom
Hybrid / WFH Options
JLA Resourcing Ltd
and infrastructure environments—most notably AWS. Your role will be pivotal in ensuring the secure delivery of new systems into live service, as well as ongoing protection, compliance, and incident response. You will: Own the vulnerability management strategy across platforms, leading scanning, remediation, and reporting activities Design and enforce endpoint security policies, access controls, and malware protections Lead incident identification and response efforts, ensuring swift containment and root cause analysis Oversee system hardening and compliance with industry standards (CIS, STIG, NIST) Contribute to strategic security planning and advise engineering and programme leadership on cyber risks Provide oversight and review of technical documentation, ensuring quality and audit readiness Represent cyber security in high-level programme planning and governance … endpoint protection, and vulnerability management Strong working knowledge of compliance frameworks and standards (CIS, STIG, NIST, Government Functional Standard 007) Proven ability to lead security planning, risk assessments, and incident response activities Excellent documentation, communication, and collaboration skills Eligibility for DV (Developed Vetting) clearance Experience leading or mentoring engineering teams and influencing security posture across a programme or More ❯
Employment Type: Permanent, Work From Home
Salary: £75,000

Cyber Security Engineer

Bristol, Avon, South West, United Kingdom
Hybrid / WFH Options
Sparta Global Limited
/prevention systems (IDS/IPS), and secure network protocols. Penetration Testing & Vulnerability Assessment - Skills in identifying, simulating, and remediating vulnerabilities through tools (e.g., Nessus, Metasploit) and manual testing. Incident Response & Forensic Analysis - Ability to manage and respond to security breaches, perform digital forensics, and mitigate damage through structured incident response processes. Risk Management & Compliance - Proficiency … threat sources to preempt potential cyber attacks. Security Automation & Scripting - Familiarity with scripting languages (such as Python, PowerShell, or Bash) to automate repetitive tasks, analyse security logs, and manage incident response. How it works: Learn : Complete a period of full-time Academy training when you join Sparta Global. All training is delivered remotely by our team of industry-professional More ❯
Employment Type: Permanent
Salary: £35,000

Senior Security Analyst

Hemel Hempstead, England, United Kingdom
Hamilton Barnes 🌳
Responsibilities: Monitor, triage, and investigate security incidents on critical client infrastructure. Conduct in-depth analysis of network traffic, system events, and logs to detect security threats and vulnerabilities. Provide Incident Response support and maintain thorough incident documentation. Continuously improve SOC tool usage, operational practices, and knowledge-sharing across the team. Prepare and present reports for managed clients More ❯

Incident Response in the UK excluding London
10th Percentile: £41,268
25th Percentile: £45,443
Median: £55,000
75th Percentile: £69,602
90th Percentile: £82,500